* Stop creating a circuit if the client fails authentication (i.e. the region server wasn't told that it was coming)

* This moves authentication from the client thread (where failure was difficult to detect) to the particular thread handling that packet * I've kept the authentication outside of the crucial clientCircuits lock (though any delay here is probably swamped by the other delays associated with login) * Also added more to the unit test to ensure this doesn't regress
author: Justin Clarke Casey 2008-10-24 21:22:54 +0000
committer: Justin Clarke Casey 2008-10-24 21:22:54 +0000
commit: 3340a579e72f1248bb092a705db068027e46ef75 (patch)
tree: de14319e2adc598dff0fd7557fc4f9d807ac55a2 /OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
parent: un-double-flipped some double-flipped normals in circular path prim end caps (diff)
download: opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.zip
opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.gz
opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.bz2
opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.xz
1 files changed, 51 insertions, 21 deletions
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
index 5d3dba0..e3a02bc 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
@@ -27,6 +27,8 @@
 using System.Net;
 using System.Net.Sockets;
+using System.Reflection;
+using log4net;
 using OpenMetaverse;
 using OpenMetaverse.Packets;
 using OpenSim.Framework;
@@ -36,8 +38,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
 {
    public class LLPacketServer
    {
-        //private static readonly log4net.ILog m_log
+        private static readonly log4net.ILog m_log
-        //    = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
+            = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
        protected readonly ILLClientStackNetworkHandler m_networkHandler;
        protected IScene m_scene;
@@ -87,49 +89,77 @@ namespace OpenSim.Region.ClientStack.LindenUDP
        /// <returns></returns>
        protected virtual IClientAPI CreateNewCircuit(EndPoint remoteEP, UseCircuitCodePacket initialcirpack,
                                                      ClientManager clientManager, IScene scene, AssetCache assetCache,
-                                                      LLPacketServer packServer, AgentCircuitManager authenSessions,
+                                                      LLPacketServer packServer, AuthenticateResponse sessionInfo,
                                                      UUID agentId, UUID sessionId, uint circuitCode, EndPoint proxyEP)
        {
            return
                new LLClientView(
-                     remoteEP, scene, assetCache, packServer, authenSessions, agentId, sessionId, circuitCode, proxyEP,
+                     remoteEP, scene, assetCache, packServer, sessionInfo, agentId, sessionId, circuitCode, proxyEP,
                     m_userSettings);
        }
        /// <summary>
+        /// Check whether a given client is authorized to connect
+        /// </summary>
+        /// <param name="useCircuit"></param>
+        /// <param name="circuitManager"></param>
+        /// <returns></returns>
+        public virtual bool IsClientAuthorized(
+            UseCircuitCodePacket useCircuit, AgentCircuitManager circuitManager, out AuthenticateResponse sessionInfo)
+        {
+            UUID agentId = useCircuit.CircuitCode.ID;
+            UUID sessionId = useCircuit.CircuitCode.SessionID;
+            uint circuitCode = useCircuit.CircuitCode.Code;
+            sessionInfo = circuitManager.AuthenticateSession(sessionId, agentId, circuitCode); 
+            if (!sessionInfo.Authorised)
+                return false;  
+            
+            return true;
+        }
+        /// <summary>
        /// Add a new client circuit
        /// </summary>
        /// <param name="epSender"></param>
        /// <param name="useCircuit"></param>
        /// <param name="assetCache"></param>
-        /// <param name="circuitManager"></param>
+        /// <param name="sessionInfo"></param>
        /// <param name="proxyEP"></param>
        /// <returns>
        /// true if a new circuit was created, false if a circuit with the given circuit code already existed
-        /// </returns>
+        /// </returns>        
-        public virtual bool AddNewClient(EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
+        public virtual bool AddNewClient(
-                                         AgentCircuitManager circuitManager, EndPoint proxyEP)
+            EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
+            AuthenticateResponse sessionInfo, EndPoint proxyEP)
        {
            IClientAPI newuser;
+            uint circuitCode = useCircuit.CircuitCode.Code;
-            if (m_scene.ClientManager.TryGetClient(useCircuit.CircuitCode.Code, out newuser))
+            
+            if (m_scene.ClientManager.TryGetClient(circuitCode, out newuser))
            {
+                // The circuit is already known to the scene.  This not actually a problem since this will currently
+                // occur if a client is crossing borders (hence upgrading its circuit).  However, we shouldn't 
+                // really by trying to add a new client if this is the case.
                return false;
            }
-            else
+            
-            {
+            UUID agentId = useCircuit.CircuitCode.ID;
-                newuser = CreateNewCircuit(epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this,
+            UUID sessionId = useCircuit.CircuitCode.SessionID;
-                                           circuitManager, useCircuit.CircuitCode.ID,
+            
-                                           useCircuit.CircuitCode.SessionID, useCircuit.CircuitCode.Code, proxyEP);
+            newuser 
+                = CreateNewCircuit(
+                    epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this, sessionInfo, 
+                    agentId, sessionId, circuitCode, proxyEP);
-                m_scene.ClientManager.Add(useCircuit.CircuitCode.Code, newuser);
+            m_scene.ClientManager.Add(circuitCode, newuser);
-                newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
+            newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
-                newuser.OnLogout += LogoutHandler;
+            newuser.OnLogout += LogoutHandler;
-                newuser.OnConnectionClosed += CloseClient;
+            newuser.OnConnectionClosed += CloseClient;
-                return true;
+            return true;
-            }
        }
        public void LogoutHandler(IClientAPI client)
author	Justin Clarke Casey	2008-10-24 21:22:54 +0000
committer	Justin Clarke Casey	2008-10-24 21:22:54 +0000
commit	3340a579e72f1248bb092a705db068027e46ef75 (patch)
tree	de14319e2adc598dff0fd7557fc4f9d807ac55a2 /OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
parent	un-double-flipped some double-flipped normals in circular path prim end caps (diff)
download	opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.zip opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.gz opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.bz2 opensim-SC_OLD-3340a579e72f1248bb092a705db068027e46ef75.tar.xz

diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs index 5d3dba0..e3a02bc 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
@@ -27,6 +27,8 @@
27		27
28	using System.Net;	28	using System.Net;
29	using System.Net.Sockets;	29	using System.Net.Sockets;
		30	using System.Reflection;
		31	using log4net;
30	using OpenMetaverse;	32	using OpenMetaverse;
31	using OpenMetaverse.Packets;	33	using OpenMetaverse.Packets;
32	using OpenSim.Framework;	34	using OpenSim.Framework;
@@ -36,8 +38,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
36	{	38	{
37	public class LLPacketServer	39	public class LLPacketServer
38	{	40	{
39	//private static readonly log4net.ILog m_log	41	private static readonly log4net.ILog m_log
40	// = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);	42	= log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
41		43
42	protected readonly ILLClientStackNetworkHandler m_networkHandler;	44	protected readonly ILLClientStackNetworkHandler m_networkHandler;
43	protected IScene m_scene;	45	protected IScene m_scene;
@@ -87,49 +89,77 @@ namespace OpenSim.Region.ClientStack.LindenUDP
87	/// <returns></returns>	89	/// <returns></returns>
88	protected virtual IClientAPI CreateNewCircuit(EndPoint remoteEP, UseCircuitCodePacket initialcirpack,	90	protected virtual IClientAPI CreateNewCircuit(EndPoint remoteEP, UseCircuitCodePacket initialcirpack,
89	ClientManager clientManager, IScene scene, AssetCache assetCache,	91	ClientManager clientManager, IScene scene, AssetCache assetCache,
90	LLPacketServer packServer, AgentCircuitManager authenSessions,	92	LLPacketServer packServer, AuthenticateResponse sessionInfo,
91	UUID agentId, UUID sessionId, uint circuitCode, EndPoint proxyEP)	93	UUID agentId, UUID sessionId, uint circuitCode, EndPoint proxyEP)
92	{	94	{
93	return	95	return
94	new LLClientView(	96	new LLClientView(
95	remoteEP, scene, assetCache, packServer, authenSessions, agentId, sessionId, circuitCode, proxyEP,	97	remoteEP, scene, assetCache, packServer, sessionInfo, agentId, sessionId, circuitCode, proxyEP,
96	m_userSettings);	98	m_userSettings);
97	}	99	}
98		100
99	/// <summary>	101	/// <summary>
		102	/// Check whether a given client is authorized to connect
		103	/// </summary>
		104	/// <param name="useCircuit"></param>
		105	/// <param name="circuitManager"></param>
		106	/// <returns></returns>
		107	public virtual bool IsClientAuthorized(
		108	UseCircuitCodePacket useCircuit, AgentCircuitManager circuitManager, out AuthenticateResponse sessionInfo)
		109	{
		110	UUID agentId = useCircuit.CircuitCode.ID;
		111	UUID sessionId = useCircuit.CircuitCode.SessionID;
		112	uint circuitCode = useCircuit.CircuitCode.Code;
		113
		114	sessionInfo = circuitManager.AuthenticateSession(sessionId, agentId, circuitCode);
		115
		116	if (!sessionInfo.Authorised)
		117	return false;
		118
		119	return true;
		120	}
		121
		122	/// <summary>
100	/// Add a new client circuit	123	/// Add a new client circuit
101	/// </summary>	124	/// </summary>
102	/// <param name="epSender"></param>	125	/// <param name="epSender"></param>
103	/// <param name="useCircuit"></param>	126	/// <param name="useCircuit"></param>
104	/// <param name="assetCache"></param>	127	/// <param name="assetCache"></param>
105	/// <param name="circuitManager"></param>	128	/// <param name="sessionInfo"></param>
106	/// <param name="proxyEP"></param>	129	/// <param name="proxyEP"></param>
107	/// <returns>	130	/// <returns>
108	/// true if a new circuit was created, false if a circuit with the given circuit code already existed	131	/// true if a new circuit was created, false if a circuit with the given circuit code already existed
109	/// </returns>	132	/// </returns>
110	public virtual bool AddNewClient(EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,	133	public virtual bool AddNewClient(
111	AgentCircuitManager circuitManager, EndPoint proxyEP)	134	EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
		135	AuthenticateResponse sessionInfo, EndPoint proxyEP)
112	{	136	{
113	IClientAPI newuser;	137	IClientAPI newuser;
114		138	uint circuitCode = useCircuit.CircuitCode.Code;
115	if (m_scene.ClientManager.TryGetClient(useCircuit.CircuitCode.Code, out newuser))	139
		140	if (m_scene.ClientManager.TryGetClient(circuitCode, out newuser))
116	{	141	{
		142	// The circuit is already known to the scene. This not actually a problem since this will currently
		143	// occur if a client is crossing borders (hence upgrading its circuit). However, we shouldn't
		144	// really by trying to add a new client if this is the case.
117	return false;	145	return false;
118	}	146	}
119	else	147
120	{	148	UUID agentId = useCircuit.CircuitCode.ID;
121	newuser = CreateNewCircuit(epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this,	149	UUID sessionId = useCircuit.CircuitCode.SessionID;
122	circuitManager, useCircuit.CircuitCode.ID,	150
123	useCircuit.CircuitCode.SessionID, useCircuit.CircuitCode.Code, proxyEP);	151	newuser
		152	= CreateNewCircuit(
		153	epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this, sessionInfo,
		154	agentId, sessionId, circuitCode, proxyEP);
124		155
125	m_scene.ClientManager.Add(useCircuit.CircuitCode.Code, newuser);	156	m_scene.ClientManager.Add(circuitCode, newuser);
126		157
127	newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;	158	newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
128	newuser.OnLogout += LogoutHandler;	159	newuser.OnLogout += LogoutHandler;
129	newuser.OnConnectionClosed += CloseClient;	160	newuser.OnConnectionClosed += CloseClient;
130		161
131	return true;	162	return true;
132	}
133	}	163	}
134		164
135	public void LogoutHandler(IClientAPI client)	165	public void LogoutHandler(IClientAPI client)